Presentación - Cisco ASA with FirePOWER Services

5,969 views

Published on

En la medida que más empresas mueven sus modelos de negocio hacia la movilidad, la nube e Internet de las cosas, sus soluciones de seguridad deben ser más dinámicas y escalables. Sin embargo, hasta la fecha, la mayoría de las soluciones de seguridad no han seguido el ritmo de cambio y no han podido adaptarse a las nuevas amenazas y ataques. Hoy, las soluciones de seguridad están basadas en un modelo binario de “bien vs mal”, el cual carece de la visibilidad necesaria para entender el contexto. El 16 de septiembre, Cisco dio a conocer su más reciente paso en esta dirección.

Published in: Technology

Presentación - Cisco ASA with FirePOWER Services

  1. 1. © 2014 Cisco and/or its affiliates. All rights reserved. 1 © 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Industry’s First Threat-Focused NGFW Héctor Casas Consultor de Seguridad de Cisco para Argentina, Chile, Paraguay y Uruguay 16 de septiembre Cisco ASA with FirePOWER Services
  2. 2. © 2014 Cisco and/or its affiliates. All rights reserved. 2 Introducing: Cisco ASA with FirePOWER Services Industry’s First Threat-Focused Next-Generation Firewall ►Cisco® ASA firewalling combined with Sourcefire® Next-Generation IPS ►Advanced Malware Protection (AMP) ►Best-in-class security intelligence, application visibility and control (AVC), and URL filtering Features ►Superior, multilayered threat protection ►Unprecedented network visibility ►Integrated threat defense across the entire attack continuum ►Reduced cost and complexity Benefits
  3. 3. © 2014 Cisco and/or its affiliates. All rights reserved. 3 100 0111100 011 1010011101 1000111010011101 10001110 10011 101 010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 01000 01000111 0100 11101 1000111010011101 1000111010011101 1100001 1100 0111010011101 1100001110001110 1001 1101 1110011 0110011 101000 The Problem with Legacy Next-Generation Firewalls Focus on the Apps But totally miss the threat… Legacy NGFW can reduce attack surface area but advanced malware often evades security controls. 0100 1110101001 1101 111 0011 0 0111100 011 1010011101 1 0100 111001 1001 11 111 0
  4. 4. © 2014 Cisco and/or its affiliates. All rights reserved. 4 Threat Landscape Demands more than Application Control 100% of companies connect to domains that host malicious files or services 54% of breaches remain undiscovered for months 60% of data is stolen in hours avoids detection and attacks swiftly It is a Community that hides in plain sight
  5. 5. © 2014 Cisco and/or its affiliates. All rights reserved. 5 Legacy NGFWs Lack Complete Visibility and Control Without Proper Visibility Threat Protection Cannot Be Operationalized
  6. 6. © 2014 Cisco and/or its affiliates. All rights reserved. 6 Integrated Threat Defense Across the Attack Continuum ATTACK CONTINUUM Point-in-Time Continuous Discover Enforce Harden Detect Block Defend Scope Contain Remediate Network Endpoint Mobile Virtual Cloud
  7. 7. © 2014 Cisco and/or its affiliates. All rights reserved. 7 Industry’s First Threat-Focused Next-Generation Firewall Cisco ASA with FirePOWER Services ►Cisco® ASA firewalling combined with Sourcefire® Next-Generation IPS ►Advanced Malware Protection (AMP) ►Best-in-class security intelligence, application visibility and control (AVC), and URL filtering Features ►Superior, multilayered threat protection ►Unprecedented network visibility ►Integrated threat defense across the entire attack continuum ►Reduced cost and complexity Benefits “By integrating defense layers, organizations can enhance visibility, enable dynamic controls, and provide advanced threat protection that address the entire attack continuum – before, during, and after an attack.”
  8. 8. © 2014 Cisco and/or its affiliates. All rights reserved. 8 Superior Integrated & Multilayered Protection ►World’s most widely deployed, enterprise-class ASA stateful firewall ►Granular Cisco® Application Visibility and Control (AVC) ►Industry-leading FirePOWER next-generation IPS (NGIPS) ►Reputation- and category-based URL filtering ►Advanced Malware Protection with Retrospective Security Cisco ASA Identity-Policy Control & VPN URL Filtering (Subscription) FireSIGHT Analytics & Automation Advanced Malware Protection (Subscription) Application Visibility & Control Network Firewall Routing | Switching Clustering & High Availability Cisco Collective Security Intelligence Enabled Built-in Network Profiling Intrusion Prevention (Subscription)
  9. 9. © 2014 Cisco and/or its affiliates. All rights reserved. 9 Unprecedented Network Visibility Categories FirePOWER Services Legacy IPS Legacy NGFW Threats    Users    Web Applications    Application Protocols    File Transfers    Malware    Command & Control Servers    Client Applications    Network Servers    Operating Systems    Routers & Switches    Mobile Devices    Printers    VoIP Phones    Virtual Machines   
  10. 10. © 2014 Cisco and/or its affiliates. All rights reserved. 10 Impact Assessment Correlates all intrusion events to an impact of the attack against the target 1 2 3 4 0 IMPACT FLAG ADMINISTRATOR ACTION WHY Act Immediately, Vulnerable Event corresponds to vulnerability mapped to host Investigate, Potentially Vulnerable Relevant port open or protocol in use, but no vuln mapped Good to Know, Currently Not Vulnerable Relevant port not open or protocol not in use Good to Know, Unknown Target Monitored network, but unknown host Good to Know, Unknown Network Unmonitored network
  11. 11. © 2014 Cisco and/or its affiliates. All rights reserved. 11 Automated, Integrated Threat Defense Superior Protection for Entire Attack Continuum Retrospective Security Shrink Time between Detection and Cure PDF Mail Admin Request PDF Mail Admin Request Multi-vector Correlation Early Warning for Advanced Threats Host A Host B Host C 3 IoCs Adapt Policy to Risks WWW WWW WWW Dynamic Security Control http:// http:// WWW WEB Context and Threat Correlation Priority 1 Priority 2 Priority 3 Impact Assessment 5 IoCs
  12. 12. © 2014 Cisco and/or its affiliates. All rights reserved. 12 Indicators of Compromise (IoCs) IPS Events Malware Backdoors CnC Connections Exploit Kits Admin Privilege Escalations Web App Attacks SI Events Connections to Known CnC IPs Malware Events Malware Detections Malware Executions Office/PDF/Java Compromises Dropper Infections
  13. 13. © 2014 Cisco and/or its affiliates. All rights reserved. 13 Cisco ASA with FirePOWER Services vs. Legacy NGFW Feature Cisco ASA with FirePOWER Services Legacy NGFW Reputation-Based Proactive Protection Superior Not Available Visibility, Context & Intelligent Security Automation Superior Not Available File Reputation, File Trajectory, Retrospective Analysis Superior Not Available IoC’s Superior Not Available NGIPS Superior Available1 Application Visibility and Control Superior Available Acceptable Use/URL Filtering Superior Available Remote Access VPN Superior Not Enterprise-Grade Stateful Firewall, HA, Clustering Superior Available2 1 – Typically 1st generation IPS, 2 -HA Capabilities vary from NGFW vendor
  14. 14. © 2014 Cisco and/or its affiliates. All rights reserved. 14 Complete Security Solutions Security Services Security Products
  15. 15. © 2014 Cisco and/or its affiliates. All rights reserved. 15 Accelerate Migration to Cisco ASA with FirePOWER Services with Professional and Technical Services SMARTnet Technical Support Migration Services Managed Services Provide full-time, proactive, systematic threat monitoring and management Move more quickly to new capabilities and with minimal disruption Keep security solutions available by providing access to broad Cisco support tools and expertise
  16. 16. © 2014 Cisco and/or its affiliates. All rights reserved. 16 Cisco ASA with FirePOWER Services Industry’s First Threat-Focused NGFW Superior Visibility Integrated Threat Defense ▶Best-in-class, multilayered protection in a single device ▶Full contextual awareness to eliminate gaps Automation ▶Simplified operations and dynamic response and remediation
  17. 17. © 2014 Cisco and/or its affiliates. All rights reserved. 17 Thank You

×